Question No: 72 – (Topic 4)

You are designing a distributed banking application that handles multiple customers. A user may log on to the site to perform activities such as checking balances, performing transactions, and other activities that must be done securely.

The application must store secure information that is specific to an individual user. The data must be automatically and securely purged when the user logs off.

You need to save transient information in a secure data store. Which data store should you use?

NET session state

NET profile properties

NET application state

Shared database

Answer: A

Question No: 73 DRAG DROP – (Topic 4)

You are developing an ASP.NET MVC application that has pages for users who browse the site with Windows Phone 7.

The pages for Windows Phone 7 include the following files:

->_Layout.WP7.cshtml

->Index.WP7.cshtml

You need to update the application so that it renders the customized files correctly to Windows Phone 7 users.

How should you update the Application_Start method? (To answer, drag the appropriate line of code to the correct location or locations. Each line of code may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)

Question No: 75 – (Topic 4)

You are developing an ASP.NET MVC application that will be deployed on a web farm.

Passwords must be stored in the web.config file and must not be readable or in a format that is easily decodable.

You need to encrypt the passwords that are stored in the web.config file. Which command-line tool should you use?

Aspnet_regiis.exe

Aspnet_regbrowsers.exe

Aspnet_setreg.exe

Aspnet_compiler.exe

Answer: A

Question No: 76 HOTSPOT – (Topic 4)

You develop an ASP.NET MVC application. The application includes a feature that allows users to reset their passwords. The feature is enabled by a ForgotPassword controller method and a corresponding Razor view.

You need to prevent Cross-Site Request Forgery (CSRF) attacks.

How should you complete the relevant code? To answer, select the appropriate code segment from each list in the answer area.

Answer:

Explanation:

Target1: [ValidateAntiForgeryToken] Target2: @Html.AntoForgeryToken()

Example:

* At the top of the action that we created to handle the posted form, the one with the [HttpPost] attribute added, we#39;ll add another attribute named [ValidateAntiForgeryToken]. This makes the start of our action now look like the following:

[HttpPost] [ValidateAntiForgeryToken]

public ActionResult ChangeEmail(ChangeEmailModel model)

{

string username = WebSecurity.CurrentUserName;

*rest of function omitted*

* we must add the unique token to the form to change the user#39;s email when we display it. Update the form in the ChangeEmail.aspx view under /Account/ChangeForm:

lt;% using(Html.BeginForm()) { %gt;

lt;%: Html.AntiForgeryToken() %gt;

lt;%: Html.TextBoxFor(t=gt;t.NewEmail) %gt;

lt;input type=quot;submitquot; value=quot;Change Emailquot; /gt;

lt;% } %gt;

Question No: 77 DRAG DROP – (Topic 4)

You are developing an ASP.NET MVC application in Visual Studio.

The application contains an area that is defined as shown in the following graphic.

The ActionLink method must invoke the GetOrders() action in ExternalOrderController. You need to configure the parameters of the ActionLink method.

You have the following markup.

Which markup segments should you include in Target 1, Target 2 and Target 3 to complete the markup? To answer, drag the appropriate markup segment to the correct targets. Each markup segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

Answer:

Explanation:

Target 1: “GetOrders”,

Target 2: “ExternalOrderController”,

Target 3: External,

Target 1: the action is getOrders

Target 2: the controller is ExternalOrderController Target 3: The area is External

Question No: 79 – (Topic 4)

You are designing a distributed application that runs on the Microsoft Azure platform.

The application must store a small amount of insecure global information for all users that does not change frequently.

You need to configure the application to meet the requirements.

Which server-side state management option should you use? Each correct answer presents a complete solution. Choose all that apply.

profile properties of the Microsoft Azure application

Microsoft Azure session state

SQL Database

Microsoft Azure application state

Answer: A

Explanation: In many applications, you want to store and use information that is unique to a user. When a user visits your site, you can use the information you have stored to present the user with a personalized version of your Web application. Personalizing an application requires a number of elements: you must store the information using a unique user identifier, be able to recognize users when they visit again, and then fetch the user information as needed. To simplify your applications, you can use the ASP.NET profile feature, which can perform all of these tasks for you.

Question No: 80 – (Topic 4)

You are developing an ASP.NET MVC web application that includes the following method.

You need to test the AccountBalance method. Which unit test should you use?